Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

Project: tomcat10-config

com.github.hazendaz.tomcat:tomcat10-config:10.0.0-M4

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
animal-sniffer-annotations-1.18.jarpkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.18 025
error_prone_annotations-2.3.4.jarpkg:maven/com.google.errorprone/error_prone_annotations@2.3.4 023
hibernate-validator-annotation-processor-6.1.0.Final.jarcpe:2.3:a:hibernate:hibernate-validator:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hibernate_validator:6.1.0:*:*:*:*:*:*:*
pkg:maven/org.hibernate.validator/hibernate-validator-annotation-processor@6.1.0.Final 0Highest27
j2objc-annotations-1.3.jarpkg:maven/com.google.j2objc/j2objc-annotations@1.3 024
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
modernizer-maven-annotations-2.0.0.jarpkg:maven/org.gaul/modernizer-maven-annotations@2.0.0 017
lombok-1.18.10.jarpkg:maven/org.projectlombok/lombok@1.18.10 022
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: bootstrap.jarcpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
 0Highest16
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: commons-daemon.jarpkg:maven/commons-daemon/commons-daemon@1.2.2 042
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-juli.jarcpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:* 0Low32
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: annotations-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low29
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina-ant.jarcpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
 0High14
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina-ha.jarcpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:* 0Low36
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low34
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: ecj-4.15.jar 025
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: el-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low31
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jasper.jarcpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:* 0Low34
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jaspic-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low34
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jsp-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low33
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: servlet-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low32
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low32
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-i18n-cs.jarcpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
 0Low9
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-i18n-fr.jarcpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:nfr:nfr:10.0.0.m4:*:*:*:*:*:*:*
 0Low9
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-jdbc.jarcpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
 0Highest19
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: websocket-api.jarcpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*
HIGH32Low30
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: sample.war 08
tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: taglibs-standard-impl-1.2.5-migrated-0.0.1.jarcpe:2.3:a:apache:standard_taglibs:1.2.5:*:*:*:*:*:*:*pkg:maven/org.apache.taglibs/taglibs-standard-impl@1.2.5 0Highest28

Dependencies

animal-sniffer-annotations-1.18.jar

File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\animal-sniffer-annotations\1.18\animal-sniffer-annotations-1.18.jar
MD5: f0a84f9b30590b3aa76edc893d6fe4ff
SHA1: f7aa683ea79dc6681ee9fb95756c999acbb62f5d
SHA256:47f05852b48ee9baefef80fa3d8cea60efa4753c0013121dd7fe5eef2e5c729d
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

error_prone_annotations-2.3.4.jar

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.3.4\error_prone_annotations-2.3.4.jar
MD5: 67beeee58df00366100061c7da82f4c2
SHA1: dac170e4594de319655ffb62f41cbd6dbb5e601e
SHA256:baf7d6ea97ce606c53e11b6854ba5f2ce7ef5c24dddf0afa18d1260bd25b002c
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

hibernate-validator-annotation-processor-6.1.0.Final.jar

File Path: C:\Users\Jeremy\.m2\repository\org\hibernate\validator\hibernate-validator-annotation-processor\6.1.0.Final\hibernate-validator-annotation-processor-6.1.0.Final.jar
MD5: d52a67ed92931149886a915c51572f66
SHA1: f3c20f81a0e81aa100574719aaa17b884be80044
SHA256:321b0e3f9824d5ef79929d65f40ce410cb02d703ba7545a960152b877b6f0da6
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

j2objc-annotations-1.3.jar

Description:

    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.
  

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\1.3\j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256:21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

modernizer-maven-annotations-2.0.0.jar

File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.0.0\modernizer-maven-annotations-2.0.0.jar
MD5: a5b9862c04883026bf2c6da7cfbcb41e
SHA1: b06ed11cb087953b7d5c852b4859fd4a5b39036c
SHA256:90c6526797cd0b901b36ef56dd0f5a5499cf47e349ad70ac19b478543744388d
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

lombok-1.18.10.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.10\lombok-1.18.10.jar
MD5: a549b7cd139ccef0fe19d8e7cb5953cd
SHA1: 625fc0055674dff70dbc76efa36d0f2c89b04a24
SHA256:2836e954823bfcbad45e78c18896e3d01058e6f643749810c608b7005ee7b2fa
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: bootstrap.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\bin\bootstrap.jar
MD5: 8f651bdd004aa5b8873fc3302a6f1bf2
SHA1: 051beb4ca3288b3cedd296aee303ede2ec4c40e9
SHA256:5deb41420605cc636b50a9cc5b13756b98d3b7e0c60a54664bad7c7430649b84
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: commons-daemon.jar

Description:

    Apache Commons Daemon software is a set of utilities and Java support
    classes for running Java applications as server processes. These are
    commonly known as 'daemon' processes in Unix terminology (hence the
    name). On Windows they are called 'services'.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\bin\commons-daemon.jar
MD5: bb27d960ade50ef134ce1009399014c3
SHA1: a3af8109d05090664542b1eba2549108cb56479f
SHA256:e9469231d2f1e2e5a5c676ca9acb0012b6a4be3f8d7ca1884aae5dfe23beca65
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-juli.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\bin\tomcat-juli.jar
MD5: d7e9cdfff2adad02012dd3ee2731258a
SHA1: 02fea581e680b46f07e9ab9bf8f88d0aad9e618b
SHA256:fc2453048e793698b999a7d8bd46d3ded4241515a7882d1bb0dbc50d64454469
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: annotations-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\annotations-api.jar
MD5: 4fb8513a2ad5c5904f61f43f2fdf6da8
SHA1: 9a5f97bc74d07797b2ad9cbfccbe3b7a15a1e979
SHA256:3eba7ae488ca69f35292c6c7ef2747811edf35af4a74a8d7d8585eeacf0a8722
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina-ant.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\catalina-ant.jar
MD5: bdf6e1a5ddd415595e414c98ab9c6bfc
SHA1: 0faa7f588c845f903479776b4fce3bca810a2aad
SHA256:e2cfc9b5dabd1164467a0a35cefd0c529b3b267a86d989dc39685b000757aed9
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina-ha.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\catalina-ha.jar
MD5: 36e99bb9a00000561f827295a3f9289e
SHA1: 145354f1229354a1e231868522476f583eb6a84c
SHA256:a26a44498aeb6eb9e9481a7060f7c3785202d9f957484d74cda5907f6210cf78
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: catalina.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\catalina.jar
MD5: 2bb78eca1158e89c860aa7e7d6f547c0
SHA1: 48b91b6904e60114959650e9e75b4c8e95be7027
SHA256:3b04dd31a9cdbda61170a2491fe517aa86c03eaaa916ad688be89d6294366b3c
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: ecj-4.15.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\ecj-4.15.jar
MD5: 4d1404f81be38fdf9186c9556c4ad3e9
SHA1: d06974eec06892e5594bdb8fbbc95cd81f1c57b2
SHA256:9082211f48782750093f07822d1ae481e8ece250449578f372334da626ccdead
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • None

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: el-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\el-api.jar
MD5: 79364a2582868ff854458de5d875d963
SHA1: 0e3e755d7d7431551d8afac13b1f2fa5c1f29855
SHA256:350f517b0aebc2953e549250b979f4b42cece3847c8a724c34967db656d07369
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jasper.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\jasper.jar
MD5: be325064501a1f9c75c8743678afae09
SHA1: d57d9024d8523de5bd92cc3f87872d0715a1d107
SHA256:3846ac10093b51da54d21270ec4d534f05099f4ff129192faadc56e8d57ce162
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jaspic-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\jaspic-api.jar
MD5: 44546a6e0767ab93bc996b50e737c853
SHA1: d1c8ee8440e6a0aa07a911b84b20537d3c65f01f
SHA256:4707611b13319644ca33195366c0686d77b68ba9ae4b0a4bbf56dbdf462b2498
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: jsp-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\jsp-api.jar
MD5: 0e53eece307894d4c83964f240b13843
SHA1: cd8612f318cf86df725d30e0b13df8571d88d408
SHA256:40302a06556d16a6ee0c17fc7b97184a9f5c810000c3f84224098984881b18c0
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: servlet-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\servlet-api.jar
MD5: 41b26f2c65431387da6f91a1d77e63e2
SHA1: 329e16f2b6c2bd4e545d59661134e40e5b3bf522
SHA256:155358d82023245fb253668a8b6735ae85de87f989cef6e317694a461ce4423a
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\tomcat-api.jar
MD5: c473cf5d69e340a4e9a1b9336587e5b4
SHA1: a8093d5c1836a9687a301fc2138320e3893af8fb
SHA256:0b7a3ca83c9b4b76b10168fe7c17eeb0ff8fd802b1bd43616a4ec9712b30a3c6
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-i18n-cs.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\tomcat-i18n-cs.jar
MD5: 8a48a3eb10b3436921bc5f0e56211adc
SHA1: 8442e9c9b6344cadd3ef51a3ea8365307a699df9
SHA256:afefc9073ad6f4a2129b26644f7e9c981ed7ca48b13b8026c2e9083e7453de75
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-i18n-fr.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\tomcat-i18n-fr.jar
MD5: 696a4538ced3e61a0c6239480c63f5d2
SHA1: b3cb41c6ea1254a4bdf7ab05198d3d9adfa44e86
SHA256:0c8b891c0927038ab19f0821bca8368763455d2340fdb2ac3daed872e81d0dd8
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:nfr:nfr:10.0.0.m4:*:*:*:*:*:*:*  (Confidence:Low)  

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: tomcat-jdbc.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\tomcat-jdbc.jar
MD5: 9359fcc7df4607f02e3f3b587c6240f2
SHA1: 7f9eeafaa5a036094c4e4578bd6d501efdeea8cd
SHA256:7d03dd1787ab358b209a4dc6e3912bf822d14ad867733fba7dee7dff49430fe7
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: websocket-api.jar

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\lib\websocket-api.jar
MD5: 73a4a38b2a83cd7d75b32bce750094d3
SHA1: f2971951db6620ff6169965889661a1c9bea0ab9
SHA256:e62b301268042f1ce1ab096192210f490ce772dcddf60ed201089049e32dc59b
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_software_foundation:tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  
  • cpe:2.3:a:apache_tomcat:apache_tomcat:10.0.0:m4:*:*:*:*:*:*  (Confidence:Low)  

CVE-2000-0672  

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-0760  

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2000-1210  

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2001-0590  

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2002-0493  

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
CWE-254 7PK - Security Features

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2002-1148  

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2002-2006  

The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and other sensitive system information via the (1) SnoopServlet or (2) TroubleShooter example servlets.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0042  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0043  

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0044  

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2003-0045  

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-0808  

Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2005-4838  

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp.  NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2006-7196  

Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly unspecified other vectors.  NOTE: this may be related to CVE-2006-0254.1.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-1358  

Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: LOW (2.6)
  • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2007-2449  

Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
NVD-CWE-Other

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2008-0128  

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions:

CVE-2009-2696  

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions:

CVE-2009-3548  

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
CWE-255 Credentials Management

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2012-5568  

Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
CWE-16 Configuration

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-2185  

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4286  

Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4322  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4444  

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
CWE-94 Improper Control of Generation of Code ('Code Injection')

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2013-4590  

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-200 Information Exposure

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2013-6357  

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI.  NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
CWE-352 Cross-Site Request Forgery (CSRF)

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0075  

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0096  

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0099  

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
CWE-189 Numeric Errors

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2014-0119  

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

CVE-2016-5425  

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
CWE-264 Permissions, Privileges, and Access Controls

CVSSv2:
  • Base Score: HIGH (7.2)
  • Vector: /AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (7.8)
  • Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-6056  

It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions:

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: sample.war

File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\webapps\docs\appdev\sample\sample.war
MD5: 570f196c4a1025a717269d16d11d6f37
SHA1: 80f5053b166c69d81697ba21113c673f8372aca0
SHA256:89b33caa5bf4cfd235f060c396cb1a5acb2734a1366db325676f48c5f5ed92e5
Referenced In Project/Scope:tomcat10-config:provided

Identifiers

  • None

tomcat-10.0.0-M4.tar.gz: tomcat-10.0.0-M4.tar: taglibs-standard-impl-1.2.5-migrated-0.0.1.jar

Description:

        An implementation of the JSP Standard Tag Library (JSTL).
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\org\apache\tomcat\tomcat\10.0.0-M4\tomcat-10.0.0-M4.tar.gz\tomcat-10.0.0-M4.tar\apache-tomcat-10.0.0-M4\webapps\examples\WEB-INF\lib\taglibs-standard-impl-1.2.5-migrated-0.0.1.jar
MD5: 233e487c265b58bd2d730f90132ddcb4
SHA1: 6bc6265f361f8efd5f1fb230073983e2d2495cec
SHA256:1141c62a014ac1378079876f2c021ecd3b31d6021c6ef856e660d0b49188bbe2
Referenced In Project/Scope:tomcat10-config:provided

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the NPM Public Advisories.
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.